package com.jpa.web;

import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.ResponseBody;

import io.swagger.annotations.Api;
import io.swagger.annotations.ApiOperation;
import io.swagger.annotations.ApiParam;

@Api("UsersController控制类")
@Controller
@RequestMapping("user")
public class UserController  extends BaseController {

	@ResponseBody
	@PreAuthorize("hasAuthority('/user/manager')")
	@RequestMapping("manager")
	public String manager() {
		return "user manager";
	}

	@PreAuthorize("hasAuthority('/user/list')")
	@RequestMapping("list")
	public String list() {
		return "user/index";
	}

	@ResponseBody
	@PreAuthorize("hasAuthority('/user/save')")
	@RequestMapping("save")
	public String save() {
		return "user save";
	}

	@ResponseBody
	@PreAuthorize("hasAuthority('/user/update')")
	@RequestMapping("update")
	public String update() {
		return "user update";
	}

	@ResponseBody
	@PreAuthorize("hasAuthority('/user/delete')")
	@RequestMapping("delete")
	public String delete() {
		return "user delete";
	}

	/**
	 * 查看登录用户信息
	 */
	@GetMapping("/getAuth")
	public Authentication getAuth() {
		return SecurityContextHolder.getContext().getAuthentication();
	}
	
	@ApiOperation("可以指定参数的API")
	@ResponseBody
	@RequestMapping("/param")
	public String findByName(@ApiParam("用户名") String name) {
		return "hello,"+name;
	}

}
